CVE-2021-29377

Pear Admin Think through 2.1.2 contains an arbitrary file upload vulnerability that enables remote code execution by uploading a .php file via admin.php/index/upload due to mishandling of fileExt in app/common/service/UploadService.php. This is documented across multiple sources (NVD entry CVE-20...